CompTIA Security+ (SY0-601) — Question 21

A company wants to simplify the certificate management process. The company has a single domain with several dozen subdomains, all of which are publicly accessible on the internet. Which of the following BEST describes the type of certificate the company should implement?

Answer options

• A. Subject alternative name
• B. Wildcard
• C. Self-signed
• D. Domain validation

Correct answer: B

Explanation

The Wildcard certificate is ideal for this scenario because it allows the company to secure the primary domain and all its subdomains with a single certificate, simplifying management. The Subject Alternative Name certificate can also handle multiple domains but is less efficient for numerous subdomains. A Self-signed certificate lacks the trust from external parties, while Domain validation certificates are generally used for single domains.